Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address trim and terser vulnerabilities. #244

Merged
merged 4 commits into from
Jul 19, 2022
Merged

Address trim and terser vulnerabilities. #244

merged 4 commits into from
Jul 19, 2022

Conversation

tmeyer2115
Copy link
Collaborator

Snyk highlighted issues with the trim and terser transitive dependencies.
I manually edited the package-lock.json to update the versions of these
two dependencies. The new versions have fixes for the various security
vulnerabilities.

TEST=manual

Made sure I could build the Storybook site and all looked as expected.
The transitive dependencies were ultimately dependencies of Storybook.

@tmeyer2115
Address trim and terser vulnerabilities.
e44343e 
Snyk highlighted issues with the trim and terser transitive dependencies.
I manually edited the package-lock.json to update the versions of these
two dependencies. The new versions have fixes for the various security
vulnerabilities.

TEST=manual

Made sure I could build the Storybook site and all looked as expected.
The transitive dependencies were ultimately dependencies of Storybook.
@tmeyer2115 tmeyer2115 requested a review from a team as a code owner July 19, 2022 15:35
@coveralls
Copy link

coveralls commented Jul 19, 2022
edited

Coverage Status

Coverage remained the same at 84.343% when pulling 577f89b on dev/snyk-fixes into ba357d1 on main.

oshi97
oshi97 reviewed Jul 19, 2022
View reviewed changes
THIRD-PARTY-NOTICES Outdated Show resolved Hide resolved
oshi97
oshi97 previously approved these changes Jul 19, 2022
View reviewed changes
@tmeyer2115 tmeyer2115 requested a review from oshi97 July 19, 2022 17:57
@tmeyer2115 tmeyer2115 merged commit a5bb2a4 into main Jul 19, 2022
@oshi97 oshi97 deleted the dev/snyk-fixes branch July 20, 2022 14:32
yen-tt pushed a commit that referenced this pull request Sep 28, 2022
@tmeyer2115
Address trim and terser vulnerabilities. (#244)
ffc1262 
Snyk highlighted issues with the trim and terser transitive dependencies.
I manually edited the package-lock.json to update the versions of these
two dependencies. The new versions have fixes for the various security
vulnerabilities.

TEST=manual

Made sure I could build the Storybook site and all looked as expected.
The transitive dependencies were ultimately dependencies of Storybook.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oshi97 oshi97 oshi97 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@tmeyer2115 @coveralls @oshi97